SIM Swappers Indicted for Stealing $2.4 Million in Cryptoassets

US courts have reportedly charged six individuals for their alleged involvement in a “SIM swapping” attack, through which they stole approximately $2.4 million in cryptoassets from several investors. According to PCMag, the six offenders are affiliated with a group of hackers known as “The Community,” which had allegedly hacked into multiple cryptocurrency wallets and stolen the funds stored in them.

Launching Attacks Through Widely-Used SIM Swapping Technique

As noted in the incident report, the criminals used a SIM swapping technique to hack into users’ cell phones and also to gain access to their digital asset wallets. Taking advantage of the fact most users’ mobile phone numbers are linked to their online bank accounts and email, the hackers were reportedly able retrieve private passwords and key phrases belonging to the victims.

As detailed by federal authorities assigned to the investigation, the hackers managed to orchestrate the large-scale financial crime by impersonating the actual owners of the cell phone numbers. They tricked the cell phone service providers into believing they were the real owners and convinced them to transfer the victims’ numbers to other mobile phones (which belonged to the hackers).

In addition to posing as the owners of the mobile phone numbers, the hackers had bribed staff working at the cell phone companies.

Six Defendants Indicted By US Prosecutors

The six defendants were indicted on Thursday (May 10, 2019) for their involvement in the multi-million dollar crypto crime. US prosecutors also unsealed a formal complaint against three customer support representatives, who had previously been working at various cell phone service provider companies. The former customer support specialists have been charged for assisting hackers in carrying out the SIM-swapping attacks.

Commenting on the incident, US Attorney Matthew Schneider, remarked:

Mobile phones today are not only a means of communication but also a means of identification. This case should serve as a reminder to all of us to protect our personal and financial information from those who seek to steal it.

Notably, US prosecutors are now charging the six defendants with orchestrating seven different attacks, during the time period from December 2017 to May 2018. In one incident, the suspects allegedly stole $1.9 million in cryptocurrency from a single investor.

In early February 2019, a SIM swap hacker was sentenced to 10 years in prison as he had reportedly stolen $5 million in cryptoassets from unsuspecting investors. According to the incident report, the offender was a 20-year-old college student named Joel Ortiz, who had managed to steal the large amount of cryptocurrency from around 40 victims with the “help of unnamed accomplices.”

P2P Token Trading Platform AirSwap Discloses ‘Critical Vulnerability’

Peer-to-peer trading platform AirSwap claims to have identified a "critical vulnerability" in one of its smart contracts.

Ten addresses have been identified so far as being at risk of exploitation.

Peer-to-peer token trading network AirSwap has disclosed a “critical vulnerability” in a newly released smart contract.

AirSwap's Critical Vulnerability

According to the disclosure, which was published on Sept. 13, AirSwap’s internal security team identified a potential exploit in a newly released mainnet smart contract. The vulnerability would allow an attacker to “perform a swap without requiring a signature from a counterparty.”

Our team discovered a critical vulnerability in a new AirSwap smart contract. Read on to understand the steps we’ve taken to prevent the vulnerability from being exploited, and to determine whether you need to take immediate action. https://t.co/1OWkMocWqg

AirSwap claims that the offending code was only present for twenty-four hours on the network before being identified and removed. However, users of AirSwap Instant between Sept. 11 and Sept. 12 may have been affected by the vulnerability, with the report claiming that 10 accounts have been recognized so far as being at risk.

AirSwap has published the addresses to the vulnerable accounts, telling all other users that no further action is required. The report also outlines the step-by-step actions taken by the exchange in the aftermath of discovering the vulnerability, including an apology to its client base,

We would like to deeply apologize to our affected users for any inconvenience these vulnerabilities may have caused, and hope that the important lessons we continue to learn throughout these processes form the basis for a more open, secure, and efficient trading environment.